Learning about slightly more advanced networking with linux

Paul Warren

Mastodon: @pwarren@mastodon.thewarrens.name

email: paul at thewarrens.name

© 2021 Paul Warren

CC BY-NC-SA

! WARNING !

I am not a network engineer, there are gaps in my knowledge

The words I use might not be the correct ones

Please don't blame me if your network stops networking

Maybe don't go and try building an ISP based off this talk :)

What even is a network

Ethernet?

Token Ring?

IPX?

AX.25?

What even is a network

ipv4?

ipv6?

tcp?

Allows connections between computers

Managed network?

Controls connections between computers

Scales connections between computers

Layers!

Like an onion!

That 7 layer thing from the OSI

Ethernet -> IP -> ICMP/TCP/UDP

Administrative overlays

VPNs and Tunnels

Layers!

This means the Physical layers do not have to match the Logical connections

Networks are also a bit fractal in nature

For the purposes of this talk, we can ignore a lot of complexity

An easy one!

VLANS

Ethernet layer

Designed to limit broadcast storms

Can also separate IP networks on the same Ethernet

Tagged and Untagged/Default

IEEE 802.1Q

VLANs in linux

Are pretty easy!


    ip link add link enp0s2 name enp0s2.2501 vlan id 2501
    ip -6 addr add 2001:db8:2501::10/64 dev enp0s2.2501
    ip link set dev enp0s2.2501 up
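
What the `enp0s2.2501` sub-interface does on the wire, as an added example that is not part of the original slides: frames leaving it carry a 4-byte IEEE 802.1Q tag with VLAN ID 2501 between the source MAC and the EtherType, while untagged frames have none. The function names, MAC addresses and sample frame are constructed for illustration, and only a single tag is handled.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def parse_vlan(frame: bytes) -> dict:
    """Return MACs, the VLAN tag fields (None when untagged) and the inner EtherType."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # TCI = 3-bit priority (PCP), 1-bit drop eligible (DEI), 12-bit VLAN ID (VID)
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    return {"dst": dst.hex(":"), "src": src.hex(":"), "vlan": vlan,
            "ethertype": ethertype, "payload": frame[offset:]}


def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag after the source MAC, as a VLAN sub-interface does on egress."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094 (0 and 4095 are reserved)")
    if not 0 <= pcp <= 7:
        raise ValueError("PCP must be 0..7")
    tci = (pcp << 13) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


# Constructed sample: untagged frame, EtherType 0x86DD (IPv6), dummy 40-byte payload.
UNTAGGED = bytes.fromhex("333300000001" "020000000010" "86dd") + b"\x60" + bytes(39)
# The same frame as it would leave enp0s2.2501 (VLAN ID taken from the slide).
TAGGED = tag_frame(UNTAGGED, 2501)

if __name__ == "__main__":
    print("untagged:", parse_vlan(UNTAGGED)["vlan"])
    print("tagged:  ", parse_vlan(TAGGED)["vlan"])
```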

VLANs in linux

Various different methods of making it go in different distributions

Debian: in /etc/network/interfaces

    auto enp1s0.2502
    iface enp1s0.2502 inet dhcp
    iface enp1s0.2502 inet6 auto

OpenWRT has a nice GUI

What even is a router?

Two or more interfaces

Some logic to determine where a packet goes

Linux Routing


    net.ipv4.ip_forward = 1
    net.ipv6.conf.all.forwarding = 1
    net.ipv6.conf.default.forwarding = 1

And we're done!

Yeah, not really :)

Static Routes!

Manually added, or scripted routes that don't change


    ip route add 172.17.0.0/24 via 172.16.0.254 dev wg0

Static Routes!

Harking back to our vlan

    ip -6 route add 2001:db8:2501::/64 via 2001:db8:2500::1 dev enp0s1
    ip -6 route add 2001:db8:2502::/64 via 2001:db8:2500::1 dev enp0s1
    ip -6 route add 2001:db8:2600::/64 via 2001:db8:2600:beef:face::1 dev enp0s1

Enter dynamic routes

As a Router:

Advertise your LANs

Discovering routes to other LANs

Optional: Do some logic

Add them to the routing table

Userspace daemons

talking to the kernel networking stack

Dynamic Routing

Open Shortest Path First (OSPF)

The algorithm is pretty interesting

RFC2328

RFC5340

For: Dynamic routes inside your networks

Dynamic Routing

Border Gateway Protocol (BGP)

RFC4271

For: Dynamic routes outside your network (and inside sometimes)

The Userspace Daemons

BIRD: Berkeley Internet Routing Daemon

Quagga: Fork of Zebra

Significant overlap, but they are different

I've not used Quagga

intro to bird

Powerful

Complex to configure

Use version control

Intro to bird configuration

/etc/bird.conf

Each router needs a unique ID

Intro to bird configuration

KNorries diagram here

more detail on bird

A Simple Network

Multi Host IPs (Authoritative DNS example like in the facebook thing)

Why use a 'real' router

¿Por qué no los dos?

OpenWRT is a Linux-based distribution for real networking hardware

Bonus homework

Why did I use 2001:db8::/32?

Why did I use /64s?

I highly recommend going through KNorrie's network examples: https://github.com/knorrie/network-examples

OSPF Areas

Automatic transfers of internal aggregates to BGP (Something I've not investigated much)

Resources

These slides: https://gitea.pwarren.id.au/pwarren/SysAdmin2022

bird: https://bird.network.cz

Openwrt: https://openwrt.org/

The OpenWRT IRC channel, currently on the OFTC network

BenEater's "Why was facebook down for five hours"

802.1Q:

Unused Bits

What I'm assuming we're familiar with

Diagram showing standard leaf node of a network with a big cloud containing "The rest of the org"

What we're familiar with

Diagram showing added storage and server network

How things evolve

Uh Oh, we've got a new Datacentre

How things evolve

which has its own lot of storage and servers

How things evolve

And now people want to work in Tasmania!